author | rwatson <rwatson@FreeBSD.org> | 2007-09-10 00:00:18 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-09-10 00:00:18 +0000 |
commit | 198c38400acd01acb916e7350ad6b0a60e56068e (patch) | |
tree | 6d07b0ffd85b745bb08a976a4412f5862aba277b /sys | |
parent | 2f5eb093a49d608441a859f9e1771c6dbbc128e0 (diff) | |
Rename mac_check_vnode_delete() MAC Framework and MAC Policy entry
point to mac_check_vnode_unlink(), reflecting UNIX naming conventions.
This is the first of several commits to synchronize the MAC Framework
in FreeBSD 7.0 with the MAC Framework as it will appear in Mac OS X
Leopard.
Reviewed by: csjp, Samy Bahra <sbahra at gwu dot edu>
Submitted by: Jacques Vidrine <nectar at apple dot com>
Obtained from: Apple Computer, Inc.
Sponsored by: SPARTA, SPAWAR
Approved by: re (bmah)
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/vfs_syscalls.c | 4 | ||||
-rw-r--r-- | sys/security/mac/mac_framework.h | 4 | ||||
-rw-r--r-- | sys/security/mac/mac_policy.h | 10 | ||||
-rw-r--r-- | sys/security/mac/mac_vfs.c | 28 | ||||
-rw-r--r-- | sys/security/mac_biba/mac_biba.c | 50 | ||||
-rw-r--r-- | sys/security/mac_bsdextended/mac_bsdextended.c | 28 | ||||
-rw-r--r-- | sys/security/mac_lomac/mac_lomac.c | 50 | ||||
-rw-r--r-- | sys/security/mac_mls/mac_mls.c | 50 | ||||
-rw-r--r-- | sys/security/mac_stub/mac_stub.c | 20 | ||||
-rw-r--r-- | sys/security/mac_test/mac_test.c | 32 |
10 files changed, 138 insertions, 138 deletions
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index d90e322..07a8de1 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -1693,7 +1693,7 @@ restart: goto restart; } #ifdef MAC - error = mac_check_vnode_delete(td->td_ucred, nd.ni_dvp, vp, + error = mac_check_vnode_unlink(td->td_ucred, nd.ni_dvp, vp, &nd.ni_cnd); if (error) goto out;
@@ -3550,7 +3550,7 @@ restart: goto out; } #ifdef MAC - error = mac_check_vnode_delete(td->td_ucred, nd.ni_dvp, vp, + error = mac_check_vnode_unlink(td->td_ucred, nd.ni_dvp, vp, &nd.ni_cnd); if (error) goto out;
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index a6df18d..56fbe33 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -351,8 +351,6 @@ int mac_check_vnode_chdir(struct ucred *cred, struct vnode *dvp); int mac_check_vnode_chroot(struct ucred *cred, struct vnode *dvp); int mac_check_vnode_create(struct ucred *cred, struct vnode *dvp, struct componentname *cnp, struct vattr *vap); -int mac_check_vnode_delete(struct ucred *cred, struct vnode *dvp, - struct vnode *vp, struct componentname *cnp); int mac_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, acl_type_t type); int mac_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
@@ -400,6 +398,8 @@ int mac_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, struct timespec atime, struct timespec mtime); int mac_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp); +int mac_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, + struct vnode *vp, struct componentname *cnp); int mac_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp); int mac_getsockopt_label(struct ucred *cred, struct socket *so,
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index bf9ad1a..dfcb987 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -524,10 +524,6 @@ typedef int (*mpo_check_vnode_chroot_t)(struct ucred *cred, typedef int (*mpo_check_vnode_create_t)(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct componentname *cnp, struct vattr *vap); -typedef int (*mpo_check_vnode_delete_t)(struct ucred *cred, - struct vnode *dvp, struct label *dvplabel, - struct vnode *vp, struct label *vplabel, - struct componentname *cnp); typedef int (*mpo_check_vnode_deleteacl_t)(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type);
@@ -604,6 +600,10 @@ typedef int (*mpo_check_vnode_setutimes_t)(struct ucred *cred, typedef int (*mpo_check_vnode_stat_t)(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel); +typedef int (*mpo_check_vnode_unlink_t)(struct ucred *cred, + struct vnode *dvp, struct label *dvplabel, + struct vnode *vp, struct label *vplabel, + struct componentname *cnp); typedef int (*mpo_check_vnode_write_t)(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel);
@@ -868,7 +868,6 @@ struct mac_policy_ops { mpo_check_vnode_chdir_t mpo_check_vnode_chdir; mpo_check_vnode_chroot_t mpo_check_vnode_chroot; mpo_check_vnode_create_t mpo_check_vnode_create; - mpo_check_vnode_delete_t mpo_check_vnode_delete; mpo_check_vnode_deleteacl_t mpo_check_vnode_deleteacl; mpo_check_vnode_deleteextattr_t mpo_check_vnode_deleteextattr; mpo_check_vnode_exec_t mpo_check_vnode_exec;
@@ -897,6 +896,7 @@ struct mac_policy_ops { mpo_check_vnode_setowner_t mpo_check_vnode_setowner; mpo_check_vnode_setutimes_t mpo_check_vnode_setutimes; mpo_check_vnode_stat_t mpo_check_vnode_stat; + mpo_check_vnode_unlink_t mpo_check_vnode_unlink; mpo_check_vnode_write_t mpo_check_vnode_write; mpo_associate_nfsd_label_t mpo_associate_nfsd_label; mpo_create_mbuf_from_firewall_t mpo_create_mbuf_from_firewall;
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index ed716db..ad6a0e6 100644
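Review bot: In the two `struct mac_policy_ops` hunks of sys/security/mac/mac_policy.h the entry point is not only renamed but also moved, from between `mpo_check_vnode_create` and `mpo_check_vnode_deleteacl` to between `mpo_check_vnode_stat` and `mpo_check_vnode_write`, so every function-pointer slot in between shifts by one. The in-tree policies shown on this page use designated initializers and follow the move automatically, but a policy module compiled against the old header would, if it were loaded, have its vnode access checks dispatched through the wrong slots. Whether the policy-module version (`MAC_VERSION`) is bumped elsewhere in this series is not visible here and should be confirmed. I would also add a comment above the struct along the lines of `/* Member order is part of the policy module ABI; bump MAC_VERSION when reordering. */`. The struct definition starts and ends outside these hunks.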
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -391,20 +391,6 @@ mac_check_vnode_create(struct ucred *cred, struct vnode *dvp, } int -mac_check_vnode_delete(struct ucred *cred, struct vnode *dvp, struct vnode *vp, - struct componentname *cnp) -{ - int error; - - ASSERT_VOP_LOCKED(dvp, "mac_check_vnode_delete"); - ASSERT_VOP_LOCKED(vp, "mac_check_vnode_delete"); - - MAC_CHECK(check_vnode_delete, cred, dvp, dvp->v_label, vp, - vp->v_label, cnp); - return (error); -} - -int mac_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, acl_type_t type) {
@@ -741,6 +727,20 @@ mac_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, } int +mac_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, struct vnode *vp, + struct componentname *cnp) +{ + int error; + + ASSERT_VOP_LOCKED(dvp, "mac_check_vnode_unlink"); + ASSERT_VOP_LOCKED(vp, "mac_check_vnode_unlink"); + + MAC_CHECK(check_vnode_unlink, cred, dvp, dvp->v_label, vp, + vp->v_label, cnp); + return (error); +} + +int mac_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp) {
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 9396b38..7d56b6b 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -2625,30 +2625,6 @@ mac_biba_check_vnode_create(struct ucred *cred, struct vnode *dvp, } static int -mac_biba_check_vnode_delete(struct ucred *cred, struct vnode *dvp, - struct label *dvplabel, struct vnode *vp, struct label *vplabel, - struct componentname *cnp) -{ - struct mac_biba *subj, *obj; - - if (!mac_biba_enabled) - return (0); - - subj = SLOT(cred->cr_label); - obj = SLOT(dvplabel); - - if (!mac_biba_dominate_effective(subj, obj)) - return (EACCES); - - obj = SLOT(vplabel); - - if (!mac_biba_dominate_effective(subj, obj)) - return (EACCES); - - return (0); -} - -static int mac_biba_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type) {
@@ -3187,6 +3163,30 @@ mac_biba_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, } static int +mac_biba_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, + struct label *dvplabel, struct vnode *vp, struct label *vplabel, + struct componentname *cnp) +{ + struct mac_biba *subj, *obj; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(cred->cr_label); + obj = SLOT(dvplabel); + + if (!mac_biba_dominate_effective(subj, obj)) + return (EACCES); + + obj = SLOT(vplabel); + + if (!mac_biba_dominate_effective(subj, obj)) + return (EACCES); + + return (0); +} + +static int mac_biba_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) {
@@ -3389,7 +3389,6 @@ static struct mac_policy_ops mac_biba_ops = .mpo_check_vnode_chdir = mac_biba_check_vnode_chdir, .mpo_check_vnode_chroot = mac_biba_check_vnode_chroot, .mpo_check_vnode_create = mac_biba_check_vnode_create, - .mpo_check_vnode_delete = mac_biba_check_vnode_delete, .mpo_check_vnode_deleteacl = mac_biba_check_vnode_deleteacl, .mpo_check_vnode_deleteextattr = mac_biba_check_vnode_deleteextattr, .mpo_check_vnode_exec = mac_biba_check_vnode_exec,
@@ -3415,6 +3414,7 @@ static struct mac_policy_ops mac_biba_ops = .mpo_check_vnode_setowner = mac_biba_check_vnode_setowner, .mpo_check_vnode_setutimes = mac_biba_check_vnode_setutimes, .mpo_check_vnode_stat = mac_biba_check_vnode_stat, + .mpo_check_vnode_unlink = mac_biba_check_vnode_unlink, .mpo_check_vnode_write = mac_biba_check_vnode_write, .mpo_associate_nfsd_label = mac_biba_associate_nfsd_label, .mpo_create_mbuf_from_firewall = mac_biba_create_mbuf_from_firewall,
diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c
index c51dde2..bdeadce 100644
--- a/sys/security/mac_bsdextended/mac_bsdextended.c
+++ b/sys/security/mac_bsdextended/mac_bsdextended.c
@@ -504,19 +504,6 @@ mac_bsdextended_check_create_vnode(struct ucred *cred, struct vnode *dvp, } static int -mac_bsdextended_check_vnode_delete(struct ucred *cred, struct vnode *dvp, - struct label *dvplabel, struct vnode *vp, struct label *vplabel, - struct componentname *cnp) -{ - int error; - - error = mac_bsdextended_check_vp(cred, dvp, MBI_WRITE); - if (error) - return (error); - return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE)); -} - -static int mac_bsdextended_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type) {
@@ -708,6 +695,19 @@ mac_bsdextended_check_vnode_stat(struct ucred *active_cred, return (mac_bsdextended_check_vp(active_cred, vp, MBI_STAT)); } +static int +mac_bsdextended_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, + struct label *dvplabel, struct vnode *vp, struct label *vplabel, + struct componentname *cnp) +{ + int error; + + error = mac_bsdextended_check_vp(cred, dvp, MBI_WRITE); + if (error) + return (error); + return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE)); +} + static struct mac_policy_ops mac_bsdextended_ops = { .mpo_destroy = mac_bsdextended_destroy,
@@ -720,7 +720,6 @@ static struct mac_policy_ops mac_bsdextended_ops = .mpo_check_vnode_chdir = mac_bsdextended_check_vnode_chdir, .mpo_check_vnode_chroot = mac_bsdextended_check_vnode_chroot, .mpo_check_vnode_create = mac_bsdextended_check_create_vnode, - .mpo_check_vnode_delete = mac_bsdextended_check_vnode_delete, .mpo_check_vnode_deleteacl = mac_bsdextended_check_vnode_deleteacl, .mpo_check_vnode_deleteextattr = mac_bsdextended_check_vnode_deleteextattr, .mpo_check_vnode_exec = mac_bsdextended_check_vnode_exec,
@@ -742,6 +741,7 @@ static struct mac_policy_ops mac_bsdextended_ops = .mpo_check_vnode_setowner = mac_bsdextended_check_vnode_setowner, .mpo_check_vnode_setutimes = mac_bsdextended_check_vnode_setutimes, .mpo_check_vnode_stat = mac_bsdextended_check_vnode_stat, + .mpo_check_vnode_unlink = mac_bsdextended_check_vnode_unlink, }; MAC_POLICY_SET(&mac_bsdextended_ops, mac_bsdextended,
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index 8d9b13e..008a761 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -2345,30 +2345,6 @@ mac_lomac_check_vnode_create(struct ucred *cred, struct vnode *dvp, } static int -mac_lomac_check_vnode_delete(struct ucred *cred, struct vnode *dvp, - struct label *dvplabel, struct vnode *vp, struct label *vplabel, - struct componentname *cnp) -{ - struct mac_lomac *subj, *obj; - - if (!mac_lomac_enabled) - return (0); - - subj = SLOT(cred->cr_label); - obj = SLOT(dvplabel); - - if (!mac_lomac_subject_dominate(subj, obj)) - return (EACCES); - - obj = SLOT(vplabel); - - if (!mac_lomac_subject_dominate(subj, obj)) - return (EACCES); - - return (0); -} - -static int mac_lomac_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type) {
@@ -2753,6 +2729,30 @@ mac_lomac_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, } static int +mac_lomac_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, + struct label *dvplabel, struct vnode *vp, struct label *vplabel, + struct componentname *cnp) +{ + struct mac_lomac *subj, *obj; + + if (!mac_lomac_enabled) + return (0); + + subj = SLOT(cred->cr_label); + obj = SLOT(dvplabel); + + if (!mac_lomac_subject_dominate(subj, obj)) + return (EACCES); + + obj = SLOT(vplabel); + + if (!mac_lomac_subject_dominate(subj, obj)) + return (EACCES); + + return (0); +} + +static int mac_lomac_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) {
@@ -2933,7 +2933,6 @@ static struct mac_policy_ops mac_lomac_ops = .mpo_check_system_sysctl = mac_lomac_check_system_sysctl, .mpo_check_vnode_access = mac_lomac_check_vnode_open, .mpo_check_vnode_create = mac_lomac_check_vnode_create, - .mpo_check_vnode_delete = mac_lomac_check_vnode_delete, .mpo_check_vnode_deleteacl = mac_lomac_check_vnode_deleteacl, .mpo_check_vnode_link = mac_lomac_check_vnode_link, .mpo_check_vnode_mmap = mac_lomac_check_vnode_mmap,
@@ -2950,6 +2949,7 @@ static struct mac_policy_ops mac_lomac_ops = .mpo_check_vnode_setmode = mac_lomac_check_vnode_setmode, .mpo_check_vnode_setowner = mac_lomac_check_vnode_setowner, .mpo_check_vnode_setutimes = mac_lomac_check_vnode_setutimes, + .mpo_check_vnode_unlink = mac_lomac_check_vnode_unlink, .mpo_check_vnode_write = mac_lomac_check_vnode_write, .mpo_thread_userret = mac_lomac_thread_userret, .mpo_create_mbuf_from_firewall = mac_lomac_create_mbuf_from_firewall,
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index 7660b65..cc4e1ad 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -2272,30 +2272,6 @@ mac_mls_check_vnode_create(struct ucred *cred, struct vnode *dvp, } static int -mac_mls_check_vnode_delete(struct ucred *cred, struct vnode *dvp, - struct label *dvplabel, struct vnode *vp, struct label *vplabel, - struct componentname *cnp) -{ - struct mac_mls *subj, *obj; - - if (!mac_mls_enabled) - return (0); - - subj = SLOT(cred->cr_label); - obj = SLOT(dvplabel); - - if (!mac_mls_dominate_effective(obj, subj)) - return (EACCES); - - obj = SLOT(vplabel); - - if (!mac_mls_dominate_effective(obj, subj)) - return (EACCES); - - return (0); -} - -static int mac_mls_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type) {
@@ -2834,6 +2810,30 @@ mac_mls_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, } static int +mac_mls_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, + struct label *dvplabel, struct vnode *vp, struct label *vplabel, + struct componentname *cnp) +{ + struct mac_mls *subj, *obj; + + if (!mac_mls_enabled) + return (0); + + subj = SLOT(cred->cr_label); + obj = SLOT(dvplabel); + + if (!mac_mls_dominate_effective(obj, subj)) + return (EACCES); + + obj = SLOT(vplabel); + + if (!mac_mls_dominate_effective(obj, subj)) + return (EACCES); + + return (0); +} + +static int mac_mls_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) {
@@ -3011,7 +3011,6 @@ static struct mac_policy_ops mac_mls_ops = .mpo_check_vnode_chdir = mac_mls_check_vnode_chdir, .mpo_check_vnode_chroot = mac_mls_check_vnode_chroot, .mpo_check_vnode_create = mac_mls_check_vnode_create, - .mpo_check_vnode_delete = mac_mls_check_vnode_delete, .mpo_check_vnode_deleteacl = mac_mls_check_vnode_deleteacl, .mpo_check_vnode_deleteextattr = mac_mls_check_vnode_deleteextattr, .mpo_check_vnode_exec = mac_mls_check_vnode_exec,
@@ -3037,6 +3036,7 @@ static struct mac_policy_ops mac_mls_ops = .mpo_check_vnode_setowner = mac_mls_check_vnode_setowner, .mpo_check_vnode_setutimes = mac_mls_check_vnode_setutimes, .mpo_check_vnode_stat = mac_mls_check_vnode_stat, + .mpo_check_vnode_unlink = mac_mls_check_vnode_unlink, .mpo_check_vnode_write = mac_mls_check_vnode_write, .mpo_associate_nfsd_label = mac_mls_associate_nfsd_label, .mpo_create_mbuf_from_firewall = mac_mls_create_mbuf_from_firewall,
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 7bd2388..8c39999 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -1183,15 +1183,6 @@ stub_check_vnode_create(struct ucred *cred, struct vnode *dvp, } static int -stub_check_vnode_delete(struct ucred *cred, struct vnode *dvp, - struct label *dvplabel, struct vnode *vp, struct label *vplabel, - struct componentname *cnp) -{ - - return (0); -} - -static int stub_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type) {
@@ -1413,6 +1404,15 @@ stub_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, } static int +stub_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, + struct label *dvplabel, struct vnode *vp, struct label *vplabel, + struct componentname *cnp) +{ + + return (0); +} + +static int stub_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) {
@@ -1623,7 +1623,6 @@ static struct mac_policy_ops mac_stub_ops = .mpo_check_vnode_chdir = stub_check_vnode_chdir, .mpo_check_vnode_chroot = stub_check_vnode_chroot, .mpo_check_vnode_create = stub_check_vnode_create, - .mpo_check_vnode_delete = stub_check_vnode_delete, .mpo_check_vnode_deleteacl = stub_check_vnode_deleteacl, .mpo_check_vnode_deleteextattr = stub_check_vnode_deleteextattr, .mpo_check_vnode_exec = stub_check_vnode_exec,
@@ -1651,6 +1650,7 @@ static struct mac_policy_ops mac_stub_ops = .mpo_check_vnode_setowner = stub_check_vnode_setowner, .mpo_check_vnode_setutimes = stub_check_vnode_setutimes, .mpo_check_vnode_stat = stub_check_vnode_stat, + .mpo_check_vnode_unlink = stub_check_vnode_unlink, .mpo_check_vnode_write = stub_check_vnode_write, .mpo_priv_check = stub_priv_check, .mpo_priv_grant = stub_priv_grant,
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index bbc3cf2..14b67b6 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -2098,21 +2098,6 @@ mac_test_check_vnode_create(struct ucred *cred, struct vnode *dvp, return (0); } -COUNTER_DECL(check_vnode_delete); -static int -mac_test_check_vnode_delete(struct ucred *cred, struct vnode *dvp, - struct label *dvplabel, struct vnode *vp, struct label *vplabel, - struct componentname *cnp) -{ - - LABEL_CHECK(cred->cr_label, MAGIC_CRED); - LABEL_CHECK(dvplabel, MAGIC_VNODE); - LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_delete); - - return (0); -} - COUNTER_DECL(check_vnode_deleteacl); static int mac_test_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
@@ -2455,6 +2440,21 @@ mac_test_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, return (0); } +COUNTER_DECL(check_vnode_unlink); +static int +mac_test_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, + struct label *dvplabel, struct vnode *vp, struct label *vplabel, + struct componentname *cnp) +{ + + LABEL_CHECK(cred->cr_label, MAGIC_CRED); + LABEL_CHECK(dvplabel, MAGIC_VNODE); + LABEL_CHECK(vplabel, MAGIC_VNODE); + COUNTER_INC(check_vnode_unlink); + + return (0); +} + COUNTER_DECL(check_vnode_write); static int mac_test_check_vnode_write(struct ucred *active_cred,
@@ -2656,7 +2656,6 @@ static struct mac_policy_ops mac_test_ops = .mpo_check_vnode_chdir = mac_test_check_vnode_chdir, .mpo_check_vnode_chroot = mac_test_check_vnode_chroot, .mpo_check_vnode_create = mac_test_check_vnode_create, - .mpo_check_vnode_delete = mac_test_check_vnode_delete, .mpo_check_vnode_deleteacl = mac_test_check_vnode_deleteacl, .mpo_check_vnode_deleteextattr = mac_test_check_vnode_deleteextattr, .mpo_check_vnode_exec = mac_test_check_vnode_exec,
@@ -2682,6 +2681,7 @@ static struct mac_policy_ops mac_test_ops = .mpo_check_vnode_setowner = mac_test_check_vnode_setowner, .mpo_check_vnode_setutimes = mac_test_check_vnode_setutimes, .mpo_check_vnode_stat = mac_test_check_vnode_stat, + .mpo_check_vnode_unlink = mac_test_check_vnode_unlink, .mpo_check_vnode_write = mac_test_check_vnode_write, }; |